Total
3231 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34971 | 1 Feehi | 1 Feehi Cms | 2024-11-21 | 8.8 High |
| An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2022-34965 | 1 Openteknik | 1 Open Source Social Network | 2024-11-21 | 7.2 High |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an arbitrary file upload vulnerability via the component /ossn/administrator/com_installer. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. Note: The project owner believes this is intended behavior of the application as it only allows authenticated admins to upload files. | ||||
| CVE-2022-34613 | 1 Mealie Project | 1 Mealie | 2024-11-21 | 9.8 Critical |
| Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file. | ||||
| CVE-2022-34578 | 1 Opensourcepos | 1 Open Source Point Of Sale | 2024-11-21 | 7.2 High |
| Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page. | ||||
| CVE-2022-34549 | 1 Sims Project | 1 Sims | 2024-11-21 | 8.8 High |
| Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file. | ||||
| CVE-2022-34496 | 1 Hiby | 4 Hiby R3 Pro, Hiby R3 Pro Firmware, Hiby R3 Pro Saber and 1 more | 2024-11-21 | 9.8 Critical |
| Hiby R3 PRO firmware v1.5 to v1.7 was discovered to contain a file upload vulnerability via the file upload feature. | ||||
| CVE-2022-34120 | 1 Barangay Management System Project | 1 Barangay Management System | 2024-11-21 | 7.2 High |
| Barangay Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the module editing function at /pages/activity/activity.php. | ||||
| CVE-2022-34115 | 1 Dataease Project | 1 Dataease | 2024-11-21 | 9.8 Critical |
| DataEase v1.11.1 was discovered to contain a arbitrary file write vulnerability via the parameter dataSourceId. | ||||
| CVE-2022-34024 | 1 Barangay Management System Project | 1 Barangay Management System | 2024-11-21 | 7.2 High |
| Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php. | ||||
| CVE-2022-32994 | 1 Halo | 1 Halo | 2024-11-21 | 9.8 Critical |
| Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component /api/admin/attachments/upload. | ||||
| CVE-2022-32433 | 1 Advanced School Management System Project | 1 Advanced School Management System | 2024-11-21 | 7.2 High |
| itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/all_teacher.php. | ||||
| CVE-2022-32413 | 1 Dice Project | 1 Dice | 2024-11-21 | 9.8 Critical |
| An arbitrary file upload vulnerability in Dice v4.2.0 allows attackers to execute arbitrary code via a crafted file. | ||||
| CVE-2022-32119 | 1 Arox | 1 School Erp Pro | 2024-11-21 | 8.8 High |
| Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php. | ||||
| CVE-2022-32019 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2024-11-21 | 9.8 Critical |
| Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental-management-system/admin/ajax.php?action=save_car. | ||||
| CVE-2022-31943 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 9.8 Critical |
| MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability. | ||||
| CVE-2022-31854 | 1 Codologic | 1 Codoforum | 2024-11-21 | 7.2 High |
| Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel. | ||||
| CVE-2022-31374 | 1 Contec | 2 Sv-cpt-mc310, Sv-cpt-mc310 Firmware | 2024-11-21 | 9.8 Critical |
| An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file. | ||||
| CVE-2022-31362 | 1 Docebo | 1 Docebo | 2024-11-21 | 8.8 High |
| Docebo Community Edition v4.0.5 and below was discovered to contain an arbitrary file upload vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2022-30887 | 1 Pharmacy Management System Project | 1 Pharmacy Management System | 2024-11-21 | 9.8 Critical |
| Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file. | ||||
| CVE-2022-30860 | 1 Fudforum | 1 Fudforum | 2024-11-21 | 7.2 High |
| FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administration System in Admin Control Panel. | ||||